#Threat_Research
Exploiting null-dereferences in the Linux kernel
https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
Exploiting null-dereferences in the Linux kernel
https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
#WebApp_Security
1. Hacking Salesforce-backed WebApps
https://www.hypn.za.net/blog/2022/11/12/Hacking-Salesforce-backed-WebApps
2. GUID: Attacking Password Reset Functionality
https://www.intruder.io/research/in-guid-we-trust
3. Prototype bugs explained
https://www.jerkeby.se/newsletter/posts/prototype-poisoning
1. Hacking Salesforce-backed WebApps
https://www.hypn.za.net/blog/2022/11/12/Hacking-Salesforce-backed-WebApps
2. GUID: Attacking Password Reset Functionality
https://www.intruder.io/research/in-guid-we-trust
3. Prototype bugs explained
https://www.jerkeby.se/newsletter/posts/prototype-poisoning
Best_Pract_MITRE_ATT_Mapping.pdf
890.8 KB
#Blue_Team_Techniques
"Best Practices for MITRE ATT&CK Mapping", January 2023.
"Best Practices for MITRE ATT&CK Mapping", January 2023.
Linux kernel stack buffer overflow in nftables(CVE-2023-0179)
The vulnerability consists of a stack BOF due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
⚠️The exploitation could allow the leakage of both stack and heap addresses and, potentially, a LPE to the root user via arbitrary code execution.
Exploit: https://system32.ink/news-feed/p/162/
The vulnerability consists of a stack BOF due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
⚠️The exploitation could allow the leakage of both stack and heap addresses and, potentially, a LPE to the root user via arbitrary code execution.
Exploit: https://system32.ink/news-feed/p/162/
System32
MCracker2002 posted an update
Linux kernel stack buffer overflow in nftables(CVE-2023-0179)The vulnerability consists of a stack BOF due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag…
🕵️♂️Руководство по поиску в твиттере(расширенный вариант)
🕵️♂️Twitter Search Guide (extended version)
#osint #twitter
Translation: ru-en
🕵️♂️Twitter Search Guide (Advanced)
🕵️♂️Twitter Search Guide (extended version)
#osint #twitter
🕵️♂️Twitter Search Guide (extended version)
#osint #twitter
Translation: ru-en
🕵️♂️Twitter Search Guide (Advanced)
🕵️♂️Twitter Search Guide (extended version)
#osint #twitter